IBM Cloud Log Analysis with LogDNA Alerts
Customizing Event Log Views, Configuring Alert Notifications, configuring preset and alerts
IBM Cloud Log Analysis with LogDNA, you can attach one or more alerts to a view. You can also define multiple notification channels for an alert. Alerts can be muted or you can detach alerts. For example, you can configure an alert that is triggered after 30 seconds, or when a 100 log lines that match the view’s filtering and search criteria are collected.
To find out more, see Working with Alerts
- Configuring Event Log Alerts Notifications
- Testing Alerts
- Configure a view-specific alert
- Delete a preset (alert template)
- Detach a view-specific alert from a view
Configuring Event Log Alerts Notifications
Alerts can be configured for multiple notification channels. The following valid channels are supported: email, Slack, PagerDuty, Webhook You can also define a preset. A preset is an alert template that you can attach to any number of views.
Lets get started in configuring an alert preset (alert template).
Log in to your IBM Cloud account External link icon. From the Menu icon, select Observability. Select Logging. The list of IBM Log Analysis with LogDNA service instances that are available on IBM Cloud is displayed. Select one instance and click View LogDNA.
The LogDNA dashboard opens, shown below.
Complete the following steps to configure a preset:
Select the Settings icon.
Select Alerts.
Select Add a preset alert.
Choose a notification channel.
Define the threshold conditions.
a. Select a time frequency. For example, 12 hours.
b. Enter the number of log lines after which you want the alert to trigger.
c. Select whether you want both conditions to be checked or just one.
Add the details for the notification channel that you have chosen.
For example, for the email notification channel, add one or more recipients, and optionally a time zone.
Testing Alerts
Perform a test to see if the alert notification is successful.
If so, click Save alert.
Now, let’s adjust the alert notification time from 12 hours (as configured above) to one minute to see if any alerts notications come through.
The screenshot below was captured to show the number of event logs matching the preset view alerts.
Configure a view-specific alert
Click the Views icon Configuration icon.
Create a view.Apply a time frame, filters and search criteria to filter the log lines that are displayed through the view.
For more information, see Creating Views
Click the view name. Then, select Attach an alert.
Choose view-specific alert.
Choose a notification channel.
Define the threshold conditions.
Select a time frequency. For example, 12 hours.
Enter the number of log lines after which you want the alert to trigger.
Select whether you want both conditions to be checked or just one.
Add the details for the notification channel that you have chosen.
For example, for the email notification channel, add one or more recipients, and optionally a time zone.
Click Save alert.
For more information on configuring alerts see, Creating Views
Delete a preset (alert template)
Complete the following steps to delete a preset:
- Select the Configuration icon.
Select Alerts.
- Hover the mouse over the edit button of the preset that you want to delete. The delete option shows.
- Select Delete.
- Confirm that you want to delete the preset. Click Delete.
Detach a view-specific alert from a view
Complete the following steps to detach a preset:
- Select the Configuration icon Configuration icon.
Select Alerts.
- over the mouse over the edit button of the alert that you want to delete. The delete option shows.
- Select Detach.
- Confirm that you want to delete the alert. Click Detach.